incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bdelacre...@apache.org
Subject svn commit: r1565165 - in /sling/trunk/bundles/auth/selector: pom.xml src/main/java/org/apache/sling/auth/selector/SelectorFormServlet.java
Date Thu, 06 Feb 2014 11:17:23 GMT
Author: bdelacretaz
Date: Thu Feb  6 11:17:22 2014
New Revision: 1565165

URL: http://svn.apache.org/r1565165
Log:
SLING-3378 - escape selectedAuthType parameter

Modified:
    sling/trunk/bundles/auth/selector/pom.xml
    sling/trunk/bundles/auth/selector/src/main/java/org/apache/sling/auth/selector/SelectorFormServlet.java

Modified: sling/trunk/bundles/auth/selector/pom.xml
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/selector/pom.xml?rev=1565165&r1=1565164&r2=1565165&view=diff
==============================================================================
--- sling/trunk/bundles/auth/selector/pom.xml (original)
+++ sling/trunk/bundles/auth/selector/pom.xml Thu Feb  6 11:17:22 2014
@@ -122,6 +122,12 @@
             <scope>provided</scope>
         </dependency>
         <dependency>
+            <groupId>commons-lang</groupId>
+            <artifactId>commons-lang</artifactId>
+            <version>2.0</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
             <groupId>javax.servlet</groupId>
             <artifactId>servlet-api</artifactId>
         </dependency>

Modified: sling/trunk/bundles/auth/selector/src/main/java/org/apache/sling/auth/selector/SelectorFormServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/selector/src/main/java/org/apache/sling/auth/selector/SelectorFormServlet.java?rev=1565165&r1=1565164&r2=1565165&view=diff
==============================================================================
--- sling/trunk/bundles/auth/selector/src/main/java/org/apache/sling/auth/selector/SelectorFormServlet.java
(original)
+++ sling/trunk/bundles/auth/selector/src/main/java/org/apache/sling/auth/selector/SelectorFormServlet.java
Thu Feb  6 11:17:22 2014
@@ -23,6 +23,7 @@ import java.io.IOException;
 import javax.servlet.Servlet;
 import javax.servlet.http.HttpServletRequest;
 
+import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.felix.scr.annotations.Component;
 import org.apache.felix.scr.annotations.Properties;
 import org.apache.felix.scr.annotations.Property;
@@ -72,6 +73,8 @@ public class SelectorFormServlet extends
         String type = request.getParameter(SelectorAuthenticationHandler.PAR_SELECTED_AUTH_TYPE);
         if (type == null || type.length() == 0) {
             return "null";
+        } else {
+            type = StringEscapeUtils.escapeJavaScript(type);
         }
         return "\"" + type + "\"";
     }



Mime
View raw message